{"title":"Comparison of patient-centric algorithms for health information security in health social networks and cloud environments","authors":"Mahin Mohammadi, A. Sheikhtaheri, F. Kermani","doi":"10.29252/jmis.5.2.68","DOIUrl":null,"url":null,"abstract":"Aim: Electronic health enables patients share their own medical information and this sharing poses security risks. The purpose of this research is to review, and compare algorithms and methods for solving patient information security, from different aspects, including user revocation, and access control capabilities. The strengths and weaknesses of these algorithms are identified. Information sources or data: This review conducted using online databases including PubMed, Web of Science, and Science Direct. Selection methods for study: Keywords including health information systems, computer security, access to information, cloud computing and social networking was used to search. Articles published in 2009 to 2019 were selected. 29 articles related to solving the problem of user revocation and 7 articles related to solving the problem of access control were selected. Related articles were reviewed, then the access control and user revocation solutions were compared. Combine content and results: To protect the confidentiality of patient information, a cryptographic method is suggested before data sharing. This solution has the problem of revocation of the users. To solve this problem, various methods have been proposed. In this paper, these solutions are compared in different respects. The features of these methods have been compared in terms of instant revocation, key update, cloud free, encrypted text updates, and short revocation. Finally, methods for access control by the patients were also compared . Conclusion: Security issues associated with health data make patients hesitant to post sensitive health information and share it with health providers. In this paper, algorithms and health information security methods were compared. Most of the solutions to revocation of users need re-encryption methods, also, access control solutions do not have the required flexibility. In the future, better methods should be presented.","PeriodicalId":231482,"journal":{"name":"Journal of Modern Medical Information Sciences","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Modern Medical Information Sciences","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.29252/jmis.5.2.68","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Aim: Electronic health enables patients share their own medical information and this sharing poses security risks. The purpose of this research is to review, and compare algorithms and methods for solving patient information security, from different aspects, including user revocation, and access control capabilities. The strengths and weaknesses of these algorithms are identified. Information sources or data: This review conducted using online databases including PubMed, Web of Science, and Science Direct. Selection methods for study: Keywords including health information systems, computer security, access to information, cloud computing and social networking was used to search. Articles published in 2009 to 2019 were selected. 29 articles related to solving the problem of user revocation and 7 articles related to solving the problem of access control were selected. Related articles were reviewed, then the access control and user revocation solutions were compared. Combine content and results: To protect the confidentiality of patient information, a cryptographic method is suggested before data sharing. This solution has the problem of revocation of the users. To solve this problem, various methods have been proposed. In this paper, these solutions are compared in different respects. The features of these methods have been compared in terms of instant revocation, key update, cloud free, encrypted text updates, and short revocation. Finally, methods for access control by the patients were also compared . Conclusion: Security issues associated with health data make patients hesitant to post sensitive health information and share it with health providers. In this paper, algorithms and health information security methods were compared. Most of the solutions to revocation of users need re-encryption methods, also, access control solutions do not have the required flexibility. In the future, better methods should be presented.
目的:电子医疗使患者能够共享自己的医疗信息,而这种共享带来了安全风险。本研究的目的是从不同的方面,包括用户撤销和访问控制能力,来回顾和比较解决患者信息安全的算法和方法。指出了这些算法的优缺点。信息来源或数据:本综述使用PubMed、Web of Science和Science Direct等在线数据库进行。研究选择方法:采用卫生信息系统、计算机安全、信息获取、云计算、社交网络等关键词进行检索。选取2009年至2019年发表的文章。选取解决用户撤销问题的文章29篇,解决访问控制问题的文章7篇。在回顾相关文章的基础上,对访问控制和用户撤销方案进行了比较。内容与结果相结合:为了保护患者信息的机密性,建议在数据共享前使用加密方法。该解决方案存在撤销用户的问题。为了解决这个问题,人们提出了各种方法。本文从不同方面对这些解决方案进行了比较。从即时吊销、密钥更新、无云、加密文本更新和短吊销等方面比较了这些方法的特点。最后,对患者的访问控制方法进行了比较。结论:与健康数据相关的安全问题使患者在发布敏感健康信息并与医疗服务提供者共享时犹豫不决。本文对算法和卫生信息安全方法进行了比较。大多数撤销用户的解决方案需要重新加密的方法,而且,访问控制解决方案不具备所需的灵活性。在未来,应该提出更好的方法。